CVE-2026-6495

The CVE-2026-6495 entry concerns the Ajax Load More WordPress plugin and a Reflected XSS vulnerability in versions before 7.8.4 , caused by failure to sanitize/escape a parameter before output . This could affect high-privilege accounts (e.g., admins) if an attacker can induce the vulnerable para...

CVE-2025-68600 WordPress Link Library plugin <= 7.8.7 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery.This issue affects Link Library: from n/a through = 7.8.7...

PT-2025-53288

Name of the Vulnerable Software and Affected Versions Link Library versions through 7.8.4 Description A Server-Side Request Forgery SSRF vulnerability exists in Yannick Lefebvre Link Library. This issue allows for Server Side Request Forgery. Recommendations Update Link Library to a version newer...

WordPress plugin Link Library 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Fortra GoAnywhere MFT License Servlet Deserialization Vulnerability

Fortra GoAnywhere MFT is a Managed File Transfer MFT solution helping organizations build both internal and external data transfer exchanges. GoAnyWhere MFT versions before 7.8.4 and before 7.6.3 suffer from a deserialization vulnerabilty. By crafting a specific payload, a remote and...

CVE-2024-1322

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

CVE-2017-13667

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF...

CVE-2024-56115

A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting XSS attack...

Amiro.CMS 安全漏洞

Amiro.CMS is a commercial content management system from Amiro.CMS, Inc. A security vulnerability exists in Amiro.CMS versions prior to 7.8.4 that stems from vulnerability to a cross-site request forgery attack that allows a remote attacker to create an administrator account...

CVE-2024-56115

A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting XSS attack...

CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change

The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setupwizard' function in all versions up to, and including, 7.8.4. This makes it possible for...

WordPress Directorist Plugin <= 7.8.4 is vulnerable to Broken Access Control

Software Directorist Type Plugin Vulnerable versions = 7.8.4 Fixed in 7.8.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1322 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID dd1efe90eebb Credits Lucio Sá Required privilege...

Open-Xchange (OX) App Suite Multiple Vulnerabilities (Jan 2017)

Open-Xchange OX App Suite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Open-Xchange (OX) App Suite Multiple Vulnerabilities (Dec 2017)

Open-Xchange OX App Suite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-13668

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting XSS...

CVE-2017-17060

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions...

Open-Xchange (OX) App Suite Access Control Vulnerability (Bug ID 61315)

Open-Xchange OX App Suite is prone to an access control vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Open-Xchange (OX) App Suite XSS Vulnerability (56406)

Content of mails added to Portal are being executed as script code. This way malicious code within mails can get stored persistently. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Open-Xchange OX App Suite Cross Site Scripting / SSRF

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 59653 Bug ID Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.0 Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.0-rev13 Vendor notification:...

Open-Xchange (OX) App Suite Multiple Vulnerabilities (58226, 58096)

Open-Xchange OX App Suite is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...